Banner
    Science Play And Research Kit: Foil The NSA With Chemistry
    By Steve Schuler | December 3rd 2013 12:21 PM | 8 comments | Print | E-mail | Track Comments
    About Steve

    You may try my hacks AT YOUR OWN RISK--there's infinite ways to damage or destroy people and property, I can't think of them all. Kids use adult...

    View Steve's Profile
    Edward Snowden: patriot or traitor? Whatever your opinion of Mr. Snowden, he did give us pause to reflect on our Fourth Amendment rights “of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.” When contemplating the problem, one must first answer why the Fourth Amendment was considered so important that it needed to be added to the Bill of Rights. Take a moment to read this article by the American Civil Liberties Union and pay particular attention to section “2. More Secret Searches” if you are having trouble answering why the Fourth Amendment was added. If you agree that the Fourth Amendment is important then you have to you have to decide what to do in response to Mr. Snowden’s revelations.

    It seems that Americans are afraid of terrorists. What do you suppose are your chances of dying in a terrorist attack? Now for the morbid part--the following are your chances of dying from the top ten causes of death:

    1. Heart Disease 1-in-5
    2. Cancer 1-in-7
    3. Stroke 1-in-23
    4. Accidental Injury 1-in-36
    5. Motor Vehicle Accident 1-in-100
    6. Intentional Self-harm (suicide) 1-in-121
    7. Falling Down 1-in-246
    8. Assault by Firearm 1-in-325
    9. Fire or Smoke 1-in-1,116
    10. Natural Forces (heat, cold, storms, quakes, etc.) 1-in-3,357
    Source

    What are your odds of dying in a terrorist attack? 1-in-20,000,000. Let me repeat: that’s one in twenty-million. Have you ever heard the saying, “the lottery is a tax for people who are bad at math?” The odds of winning, for example, Hoosier Lotto are 1-in-12,271,512. You don’t buy lottery tickets do you? Why not? Because you know the odds of winning are so remote that it’s just not worth wasting money to buy a lottery ticket. Yet you have a vastly better chance of winning the lottery than you have of dying in a terrorist attack. You have a better chance of dying in a tsunami (1-in-500,000), an asteroid impact (1-in-200,000), an earthquake (1-in-131,890), or lightning strike (1-in-83,930). To put things into perspective, think of how many people you know who’ve died in a motor vehicle collision (odds: 1-in-100) and compare that to the number of people you know who’ve died as a result of being struck by lightning (1-in-83,930). Sadly, I’ve known many people who’ve died in motor vehicle accidents but I don’t know anyone—nor do I know anyone who knows anyone—who has died of a lightning strike. There are 20,000,000 lightning strikes in the US each year, yet on average about 51 people per year are killed by lightning strikes. On the other hand, in 2012, 33,561 people were killed in motor vehicle collisions in the U.S.

    So, why is there a logical disconnect between reality and American’s hysteria about terrorists? It’s simple. If you depend on American mainstream media for your news, you have a warped sense of reality. There’s a maxim in the news business that goes: “if it bleeds it leads.” In other words, every day, at the top of the news you will see people’s inhumanity to their fellow human beings—the rapings, the stabings, the bludgeonings, displayed in graphic detail, in color, and high definition. And, if you’re a fan of the 24 hour news channels, you can watch the horror show 24 hours a day, 7 days a week, 365 days a year. Is it any wonder Americans are afraid to leave the house; believing there’s a rapist or terrorist behind every tree?

    Take a look at the top 100 most dangerous cities the U.S.. If you live in Tulsa, OK, your chances of becoming a victim of violent crime including, “forcible rape, murder and non-negligent manslaughter, armed robbery, and aggravated assault, including assault with a deadly weapon” are 1-in-100. Tulsans are just as likely to die driving to the grocery store (recall Live Science’s odds of dying in a motor vehicle accident are 1-in-100). Think about that for a moment. The American news media has you convinced there are rapists and terrorists behind every tree yet you never give a second thought to how dangerous it is just hopping in your car and driving to work. Americans have a one percent chance of dying in a vehicle collision--clearly Americans find this an acceptable risk, yet our chance of dying in a terrorist attack is vanishingly small (1-in-20,000,000) so, can anyone explain the One Percent Doctrine?

    All you have to do is look back to the history of the twentieth century to find numerous examples of how governments abused technology to gather intelligence on their own citizens and send the ones they didn’t like to gulags and gas chambers. Take a look at this article titled “A History of the Bill of Rights” if you are still unable understand why your Fourth Amendment rights are important. And then read “You May Have ‘Nothing to Hide’ But You Still Have Everything to Fear.” I realize, dear readers, that some of you may not like the ACLU but there are numerous other entities fighting for your privacy and protecting your Fourth Amendment rights.

    Here are a few non-ACLU articles on privacy by Daniel J. Solove a professor of law at George Washington University, Danah Boyd a senior researcher at Microsoft Research and a research assistant professor in media, culture and communication at New York University, and Bruce Schneier a fellow at the Berkman Center for Internet&Society at Harvard Law School.

    After reading the above about your Fourth Amendment rights and knowing that your chances of being killed in a terrorist attack are 1-in-20,000,000 (you’re afraid of terrorists…) compared to your one percent chance of being killed in a vehicle collision (…but you’re not afraid of driving), do you believe that the NSA’s mass surveillance program is justified? If you do, you can stop reading this article now.

    If you are still reading then there are some things you can do to take back your privacy. If you must communicate online, use Tor (The Onion Router). Do note, however, the following in the Wikipedia article: “However, an NSA appraisal released by The Guardian in October of that year characterized Tor as "[s]till the King of high secure, low latency Internet anonymity" and that "[t]here are no contenders for the throne in waiting". This likely means that the NSA has some method of stripping anonymity like “EgotisticalGiraffe,” or other hacks, so it may require additional research and learning on your part to use Tor properly for your online anonymity.

    If your communication needs are not time sensitive, you can always use offline messaging and data sharing. For offline data sharing you could try USB dead drop file sharing.

    For text communications you can use the United States Postal Service (you can drop a letter off at a mailbox with no return address). You can send optical disks, SD memory cards, etc. through the mail as well. While it certainly is possible to surreptitiously open and read your snail mail as demonstrated by the CIA Flaps and Seals Manual, you’ll be able to reclaim your privacy through the sheer impracticality of opening so many envelopes passing through the postal system. Scooping up electronic communications en masse is easy. Intercepting and opening a physical envelope is a little bit harder.

    You can add an additional level of privacy using chemistry. There are a number of chemicals that you can use for invisible ink. If you recall my DIY Titration Lab Ware article, you’ll remember that phenolphthalein solution turns pink in the presence of a base. You can thus write a message--for example, the GPS coordinates of your USB dead drop--using a water color brush and ordinary soda water. Then send your invisible message to your friend via us mail. Your friend brushes phenolphthalein solution on your message turning your soda water GPS coordinates pink. Phenolphthalein used to be used as a laxative, but it was discovered that it allegedly causes cancer so nowadays it’s pretty hard to find.

    You can instead, use ordinary liquid starch to write your message. When your friend receives your message he or she uses iodine solution to develop your messages turning the starch letters blue.

    Often, the problem with using invisible ink is that it is detectable because the letters in glancing light can be shinier than the rest of the paper or if you’re using glossy paper, less shiny than the rest of the paper. You can use an analog form of steganography to hide your secret message. You might take up water color painting. You don’t have to be a good painter. You can paint abstract paintings and create an area inside your abstract art to write your message with your starch invisible ink.

    If you like to hack things you can replace the ink in an ink jet printer cartridge with your invisible ink. With a single cartridge printer, you’ll have to run the paper through the printer twice. The first time you’ll print trivial text with normal ink, then replace the normal cartridge with your invisible ink cartridge and print the secret message, say, between the lines of the trivial text. If you are printing a picture, print your picture with normal ink then run the paper through a second time with your invisible ink cartridge locating your message in the negative space of the picture or in an area of the picture where the message will not be obscured by the background picture.

    You can even get creative and turn your message into QR code and then print the QR code in invisible ink where it won’t be obscured by the background picture or text. You can even encrypt your message with a book cipher before converting it to QR code. You’ll have to try a few tests to see if the QR code is readable by QR reader software. The QR code may smear or run when developing with a brush so you may need to put your developer chemical in a perfume bottle to atomize it and spray it on with the paper on a flat surface. Also, once developed the QR code may be too faint to be readable by the QR software. If that is the case, you may be able to load the picture into an online editor such as http://pixlr.com/editor/ and adjust the threshold making the background white and the QR code black so the QR software can read the QR code.

    You can experiment with various invisible inks. A list of several can be found here. Some can be developed by other chemicals, some by heat, and others will fluoresce under UV light.

    But seriously folks, simply using Tor properly for your time sensitive communication and using snail mail for correspondence that isn’t time sensitive should be sufficient to thumb your nose at nosey three letter agencies and corporations. If you are going to use a dead drop, pick a spot that has a nice view or has some historical significance so that you and the people with whom you are corresponding can go outside and enjoy the view or historical/local interest location. If you are going to use invisible ink, do it to learn some chemistry.

    Comments

    "odds of dying in a motor vehicle accident are 1-in-100....There is literally a one percent chance you are going to die every time you get into your car." So, odds are that every single driver will die within 3 months (i.e., 100 driving trips)? No; such a horribly wrong interpretation. It's the same as saying: you're mortal, so the odds of you dying someday are 100-in-100; today is a day, so you must be dying today. The stat is really saying that in a lifetime, on average, the chances that your mortality is car related is 1%.

    Chances of dying by terrorism are 1 in 20,000,000. What are the chances that a government conspiracy targeting specifically you will end your life (or to be really generous, even inconvenience your life)? That seems to be what your post is hinting at. More importantly, consider if the 1 in 20,000,000 stat is based on "free-reign" terrorism or on government-mitigated terrorism. The stat is born of having government – and military – surveillance and intervention. To be fair, I can't point to any data on their success (classified materials, etc.), but I'll give the benefit of the doubt that they've made a strong difference in minimizing the threat. Just food for thought.

    KRA5H
    Thank you for posting your comment, I'm happy to know someone actually read my article. I acknowledge the error you pointed out: In a lifetime, on average, the chances of dying in a vehicle collision are one percent. But also in a lifetime, on average, the chances of dying in a terrorist attack are one in twenty-million. The comparison holds: one percent versus one in twenty-million. I've corrected the text as follows:
    [Original text]: "There is literally a one percent chance you are going to die every time you get into your car, yet clearly Americans find this an acceptable risk, but your chance of dying in a terrorist attack is vanishingly small (1-in-20,000,000)"

    [Corrected text]: "Americans have a one percent chance of dying in a vehicle collision--clearly Americans find this an acceptable risk, yet our chance of dying in a terrorist attack is vanishingly small (1-in-20,000,000)"
    KRA5H
    @Hyperbolic Statistics:

    "What are the chances that a government conspiracy targeting specifically you will end your life (or to be really generous, even inconvenience your life)? That seems to be what your post is hinting at."
    Careful now. You have misunderstood my article. But that's what sometimes happens. There are 2,723,000 Federal employees (1) all just as flawed and fallible as, well, you (and everyone else).  Perhaps you did not read the Solove article. Here's an example of how harmless activities could be misconstrued by government officials who are just as flawed and fallible as everyone else:


    "suppose government officials learn that a person has bought a number of books on how to manufacture methamphetamine. That information makes them suspect that he's building a meth lab. What is missing from the records is the full story: The person is writing a novel about a character who makes meth. When he bought the books, he didn't consider how suspicious the purchase might appear to government officials, and his records didn't reveal the reason for the purchases. Should he have to worry about government scrutiny of all his purchases and actions? Should he have to be concerned that he'll wind up on a suspicious-persons list? Even if he isn't doing anything wrong, he may want to keep his records away from government officials who might make faulty inferences from them. He might not want to have to worry about how everything he does will be perceived by officials nervously monitoring for criminal activity. He might not want to have a computer flag him as suspicious because he has an unusual pattern of behavior." (2)


    Hmmm...I suspect, Hyperbolic Statistics, that you may indeed be an NSA employee. Naw! I'm just messin' with ya.


    It seems you didn't read the ACLU article:


    "Government surveillance can also have a direct harm on others – think of human rights workers or journalists who must work with people who fear government scrutiny, not because of wrongdoing but for political reasons. Imagine a liberal group arguing that in the wake of the recent IRS scandal, it has nothing to fear because the IRS is interested only in conservative groups. This argument would be myopic, missing the wider risks of government overreaching. (Need proof? The IRS has now admitted that it scrutinized liberal groups, too.)" (3)


    ----


    1.  http://economix.blogs.nytimes.com/2013/10/22/bloated-government-federal-employment-at-47-year-low/

    2. https://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/

    3. https://www.aclu.org/blog/national-security/you-may-have-nothing-hide-you-still-have-something-fear



    KRA5H
    @hyperbolic statistics


    "More importantly, consider if the 1 in 20,000,000 stat is based on "free-reign" terrorism or on government-mitigated terrorism.


    Have you seen the movie The Recruit. Here's a quote from the movie: "Our failures are known, our successes are not." 


    I have a lot of respect for people like Valerie Plame-Wilson--those who are willing to be away from their families for long periods of time, who endure hardship, who put their lives on the the line to go after the bad guys. No one's thumbing his or her nose at individuals, but POLICIES that make these individual's job harder by having to sift through millions of harmless communications. Activity by the bad guys will either get lost in this background noise or the bad guys know that every form of electronic communication  whether over-the-air, over fiber, over copper, etc., can be monitored. Thus the bad guys will communicate offline by courier, dead drop, etc.
    KRA5H
    @hyperbolic statistics
    "To be fair, I can't point to any data on their success (classified materials, etc.)"


    Here's another citation from the ACLU:


    "Simply put, government secrecy is incompatible with a healthy democracy. As U.S. District Court Judge Damon Keith said, "Democracies die behind closed doors."

    Yet today much of our government’s business is conducted in secret. We have a multitude of secret agencies, secret committees of Congress, a secret court — and even secret laws.

    For example, federal law enforcement agencies, such as the Justice Department and Department of Homeland Security, have assumed an unprecedented amount of authority to detain and spy on individuals. Yet the public has been kept unaware of how these powers have been used. Government secrecy is a concept completely at odds with the idea of government accountability.

    This sprawling — and growing — secret security establishment presents an active threat to individual liberty and undermines the very notion of government of, by and for the people.

    Certainly some level of secrecy is necessary for protecting the nation from potential enemies. But even where secrecy is needed, it must be recognized as a necessary evil, and effective checks against error, abuse and corruption must be re-established. History — including recent history — has often shown that secrecy does great harm to the nation by depriving policy makers and the public of crucial information before decisions are made and by fostering illegality, inefficiency and ineffectiveness in the agencies charged with our protection."

    https://www.aclu.org/national-security/secrecy

    Here's some more resources on government secrecy at the Federation of American Scientists: http://www.fas.org/programs/ssp/govsec/index.html

    Keep in mind too that since the Reagan administration more and more of what the government used to do has been privatized meaning that more and more contractors like Snowden will have access to classified information which means more and more of this classified information will leak to the public.






    KRA5H
    @hyperbolic statistics

    Sorry dude, but I have one more article for you to read:


    "According to a pair of recent polls, for the first time since the 9/11 terrorist hijackings, Americans are more fearful their government will abuse constitutional liberties than fail to keep its citizens safe.

    Even in the wake of the April 15 Boston Marathon bombing – in which a pair of Islamic radicals are accused of planting explosives that took the lives of 3 and wounded over 280 – the polls suggest Americans are hesitant to give up any further freedoms in exchange for increased “security.”

    http://www.washingtonsblog.com/2013/04/multiple-polls-americans-are-more-afraid-of-the-government-than-terrorists.html

    The dystopian fantasies of yesteryear are now a reality. We’ve allowed the coming of an age where the civil liberties our forefathers fought so hard for are being eroded by the day. Freedom of Press, Freedom of Speech and Freedom of Assembly are mere ghostly images of their original intent. We’ve woken up to an Orwellian Society of Fear where anyone is at the mercy of being labeled a terrorist for standing up for rights we took for granted just over a decade ago. Read about how we’re waging war against ourselves at http://dregstudiosart.blogspot.com/2011/09/living-in-society-of-fear-ten...

    KRA5H
    "The stat is born of having government – and military – surveillance and intervention. To be fair, I can't point to any data on their success (classified materials, etc.), but I'll give the benefit of the doubt that they've made a strong difference in minimizing the threat."

    There is no reason the give them the benefit of the doubt. You can't point to any data demonstrating their success nor that they've made a strong difference in minimizing the threat, because you believe it's classified. But I can point to open source data:

    (Source: New Scientist)

    NSA's snooping dragnet has little impact on terrorism,
    21:49 13 January 2014 by Hal Hodson

    The US government, through its National Security Agency, keeps records of every single phone call made by every single phone in the country – and probably almost anything that travels over the internet. The oft-repeated rationale is that this kind of bulk data collection has the power to prevent terrorist attacks and keep the US safe. But an analysis from the non-profit policy group New America Foundation, released today, shows that NSA surveillance programmes have been used to apprehend only 17 of the 225 people charged with an act of terrorism in the US since 9/11. The report also argues that the NSA's mass surveillance, which began after the Al-Qaida attacks on the World Trade Center and Pentagon, would not even have helped to prevent those attacks.

    The key issue in the failure to prevent 9/11 was not a lack of information, the report claims, but poor sharing of existing intelligence between the CIA and other government departments. One of the plane hijackers, Khalid al-Mihdhar, was already known to the CIA after he attended an Al-Qaida summit in Malaysia in 2000. Despite this, his name was not added to any watch lists, and the FBI was never told about Mihdhar so they could pursue him in the US.

    In 2001, Mihdhar was allowed to land in Los Angeles, rent an apartment, get a driver's license, open a bank account, buy a car, and take flight lessons all under his real name. He eventually went on to aid in the hijacking of American Airlines Flight 77, which was flown into the Pentagon, killing 189 people.

    "The United States government could and should have been alerted to Mihdhar's phone calls even without the expanded authority to collect the telephone metadata of all Americans under Section 215," the report says, referring to the provision of the Patriot Act that allows for the mass collection of telephone metadata.

    The NSA's dragnet may even be detrimental to the task of catching terrorists. In September last year, former NSA official William Binney said that the vast piles of new data gathered from mass surveillance can act as a distraction from the task at hand – which is finding and stopping people who pose a threat to the US. "What they are doing is making themselves dysfunctional by taking all this data," Binney told the Congress on Privacy and Surveillance, in Lausanne, Switzerland, according to The Wall Street Journal.

    Add a comment

    The content of this field is kept private and will not be shown publicly.
    • Allowed HTML tags: <span> <sup> <sub> <a> <em> <strong> <center> <cite><TH><ul> <ol> <li> <dl> <dt> <dd> <img> <br> <p> <blockquote> <strike> <object> <param> <embed> <del> <pre> <b> <i> <table> <tbody> <div> <tr> <td> <h1> <h2> <h3> <h4> <h5> <h6> <hr> <iframe><u><font>
    • Web page addresses and e-mail addresses turn into links automatically.
    CAPTCHA
    If you register, you will never be bothered to prove you are human again. And you get a real editor toolbar to use instead of this HTML thing that wards off spam bots.